Claude Code drafts public bug reports containing sensitive project information without anonymising

Resolved 💬 7 comments Opened Feb 26, 2026 by ElmsPark Closed Apr 5, 2026

Product: Claude Code (VS Code extension)
Model: claude-opus-4-6[1m]

Description

When asked to draft a bug report for submission to the public anthropics/claude-code GitHub issues tracker, Claude Code included specific organisation names, repository URLs, file paths, and project structure details from the user's private codebase. The user had to intervene before submission.

Steps to reproduce

  1. User asks Claude Code to write a bug report about a mistake it made
  2. User specifies "don't post it until I read it"
  3. Claude drafts the report including: private GitHub organisation names, private repository URLs, internal file/plugin names, and structural details about the user's infrastructure

Expected behaviour

  • Automatically anonymise all project-specific details (org names, repo URLs, file paths, plugin names) when drafting content destined for a public forum
  • Use generic placeholders (e.g. "private-org/internal-repo", "plugin-a.zip") instead of real identifiers
  • Recognise that revealing private repository structures, organisation names, and infrastructure details on a public issue tracker creates an attack surface

Actual behaviour

Claude included real organisation names, real repository URLs, real file names, and real infrastructure details in a draft intended for a public GitHub issue. Had the user not caught this, sensitive project information would have been posted publicly.

Impact

  • Information disclosure risk: private org names, repo structure, and file naming conventions exposed
  • Attack surface: knowledge of private repo names, plugin architecture, and distribution channels could aid targeted attacks
  • The user should not have to remind an AI assistant about basic information security when posting to public forums

Suggested improvements

  1. When drafting content for public submission (bug reports, forum posts, etc.), automatically anonymise all project-specific identifiers
  2. Flag to the user: "I've anonymised the following details -- please verify before posting"
  3. Treat all organisation names, repo URLs, file paths, and internal naming conventions as sensitive by default when the output destination is public

Environment

  • Claude Code VS Code extension
  • macOS

View original on GitHub ↗

This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗